Lucene search
Japan Vulnerability NotesJVN:38138980HistoryAug 04, 2005 - 12:00 a.m.
JVN#38138980 Hiki cross-site scripting vulnerability
2005-08-0400:00:00
Japan Vulnerability Notes
jvn.jp
22
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
65.3%
Impact
A remote attacker could create a content containing attacking code and take over a session by stealing the session ID of the user who logged into the system. If the user logged into the system as the administrator, the remote attacker could manipulate configurations.
Solution
Products Affected
- Hiki 0.8.0 - 0.8.2
Related
nvd
nvd
CVE-2005-2336
2005-09-06 21:03:00
CVE-2005-2803
2005-09-06 21:03:00
cvelist
cvelist
CVE-2005-2803
2005-09-06 04:00:00
CVE-2005-2336
2005-09-06 04:00:00
cve
cve
CVE-2005-2336
2005-09-06 21:03:00
CVE-2005-2803
2005-09-06 21:03:00
debiancve
debiancve
CVE-2005-2803
2005-09-06 21:03:00
CVE-2005-2336
2005-09-06 21:03:00
ubuntucve
ubuntucve
CVE-2005-2336
2005-09-06 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
65.3%
Related for JVN:38138980